<?
	if ($id) {
		$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_signuploggedin"));
	} else 
	if ($_REQUEST['signup']) {
		$email 	= mb_strtolower($_REQUEST['email'],"UTF-8");
		$name 	= mb_strtolower($_REQUEST['user'],"UTF-8");
			if (!CheckEmail($email)) {
				$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_emailinvalid"));
			} elseif (preg_match("/[^a-z^0-9^_^-]/",$name)) {
				$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_nameinvalid"));
			} elseif (strlen($name) > 32 ) {
				$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_namelong"));
			} elseif (strlen($name) < 2 ) {
				$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_nameshort"));
			} else {			
				$query        = "SELECT id from users where name='" . $name ."'";
				$result = mysql_query($query);
			
				if (mysql_num_rows($result)) {
					$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_usernametaken"));
				} elseif (strlen ($_REQUEST['password']) < 5 )  {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_shortpass"));
				} elseif (strcmp($_REQUEST['password'],$_REQUEST['again']))  {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_passnomatch"));
				} elseif ($_SESSION['verify']!= $_REQUEST['verify']) {					
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_verifynomatch"));
				} else {
						$ip 		= $_SERVER['REMOTE_ADDR']; 
						$email 	= escapestr($email);
						$name 	= escapestr($name);
						$time	 	= time();
						$hash = md5 (escapestr($_REQUEST['password']));
						$query = "INSERT INTO users (`ip`,`name`,`password`,`signup`,`email`,`lang`) 
									VALUES ('$ip','$name','$hash', '$time' ,'$email','$lang')" ;
						$result = mysql_query($query);
						if ($result) {
							mkdir("users/$name");							
							mkdir("users/$name/photos");							
							$success=true;
							$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_regsuccess"),str_ireplace("%site_title%",$SITE_TITLE,GetLangString($lang,"msg_regsuccess")));
							$code = md5($hash.$name);
							SendVerification($name,$time,$email);
						} else {
							$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
						}
					
						$query        = "SELECT id from users where name='$name'";
						$result = mysql_query($query);
						if (mysql_num_rows($result)){ 
							$id = mysql_result ($result,0);
							$query = "INSERT INTO info (id) VALUES ('$id')" ;	
							$result = mysql_query($query);
							if (!$result) {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
							}
							$query = "INSERT INTO profile (id) VALUES ('$id')" ;	
							$result = mysql_query($query);
							if (!$result) {
						$SITE_MIDDLE .= FormatElement(GetLangString($lang,"txt_error"),GetLangString($lang,"msg_dberror"));
							}
						}
					}
				}
			} 
				
			if (!$success) $SITE_MIDDLE .=
			FormatElement(GetLangString($lang,"txt_signup"),"
			<form method='POST' ACTION='index.php?do=signup'>
			<label>".GetLangString($lang,"txt_name")."</label><br><input name='user' value='$name' type='text'><br>
			<label>".GetLangString($lang,"txt_password")."</label><br><input name='password' type='password'><br>
			<label>".GetLangString($lang,"txt_passagain")."</label><br><input name='again' type='password'><br>
			<label>".GetLangString($lang,"txt_email")."</label><br><input name='email' value='$email' type='text'><br>
			<label>".GetLangString($lang,"txt_imgverify")."</label><br><img src=index.php?do=cap><input name='verify' type='text'><br>
			<input value='".GetLangString($lang,"txt_signup")."'  name='signup' type='submit'>
			</form>"); 

?>
